HTB – Blue

After Cronos gave me enough trouble between the SQLi and the reverse shell, I wanted something I thought would be straightforward. So I went with Blue, which, if I can bet, involves EternalBlue!

Right to it with Nmap:

An older version of SMB, let's poke around.

Bingo.

I really wanted to do this in Python 2 to practice my virtual environment skills. So that’s what we will do.

Of course I ran into a bunch of headaches. Something I need to work on. I managed to get a working script going and of course the box crashed. So after a reset, I blasted away and the box crashed again.

So I went with Metasploit. More stable here and I was okay doing this because I knew what was vulnerable etc.

This box was very buggy and Metasploit failed a few times. Eventually it grabbed and I got both flags.
